• Latest
  • Trending
Developers and Security – Using Data to Consolidate

Developers and Security – Using Data to Consolidate

December 6, 2021
ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023
Data Leak Hits Thousands of NHS Workers

Data Leak Hits Thousands of NHS Workers

February 20, 2023
EU Cybersecurity Agency Warns Against Chinese APTs

EU Cybersecurity Agency Warns Against Chinese APTs

February 20, 2023
How Your Storage System Will Still Be Viable in 5 Years’ Time?

How Your Storage System Will Still Be Viable in 5 Years’ Time?

February 20, 2023
The Broken Promises From Cybersecurity Vendors

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

February 20, 2023
Instagram and Facebook to get paid-for verification

Instagram and Facebook to get paid-for verification

February 20, 2023
YouTube CEO Susan Wojcicki steps down after nine years

YouTube CEO Susan Wojcicki steps down after nine years

February 20, 2023
Inaugural AfCFTA Conference on Women and Youth in Trade

Inaugural AfCFTA Conference on Women and Youth in Trade

September 6, 2022
Instagram fined €405m over children’s data privacy

Instagram fined €405m over children’s data privacy

September 6, 2022
8 Most Common Causes of a Data Breach

5.7bn data entries found exposed on Chinese VPN

August 18, 2022
  • Consumer Watch
  • Kids Page
  • Directory
  • Events
  • Reviews
Wednesday, 29 November, 2023
  • Login
itechnewsonline.com
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion
Subscription
Advertise
No Result
View All Result
itechnewsonline.com
No Result
View All Result

Developers and Security – Using Data to Consolidate

by ITECHNEWS
December 6, 2021
in Opinion
0 0
0
Developers and Security – Using Data to Consolidate

Software makes the world go round today. A decade since Marc Andreesen famously stated that ‘software is eating the world,’ the demand for code to deliver services and automate processes is only increasing. The advent of the COVID-19 pandemic forced companies that had not ‘gone digital’ to invest, while those that already ran online doubled down.

As part of this, approaches like agile development and DevOps helped. From focusing on shorter timeframes and smaller amounts of development to keep up with business demands, through to developers taking on responsibility for IT operations and running what they build, the software development team has increased the amount of the development process that it owns. In effect: “You build it, you support it.”

YOU MAY ALSO LIKE

Making Biometrics Work: 3 Ways To Jumpstart the Process

How to prevent cyberbullying: Keeping students safe

However, security is often an afterthought in this process. In a rush to get more done, security can fall down the list of priorities. Despite the availability of best practice guides for secure software development from the National Cyber Security Centre and OWASP, getting security considered during the development pipeline can be difficult. To solve this problem involves looking at data, responsibility and changes to processes.

The first area for change is data. Today, software developers are involved in projects that rely on data to solve customer problems, yet how many of them use this information in their own workflows? There has been a massive increase in observability projects, where developers use application logs, metrics and tracing data to understand performance, but this data can be used for security as well. Done in the right way, this can actually help consolidate tools and data captured, so the organization does not have to pay twice for each team to capture data and analyze it.

This approach to data can go further, too. Just like software developers create systems that build on and use data to improve customer experience, they can take information from their own software pipelines to improve their processes around both development and security. As software projects move from coding to test, deployment and production, they generate data that can be captured and used over time. The problem previously was that processes did not put that data to work.

“Alongside the data, IT teams at organizations have to look at how they think about security from beginning to end”

For some teams, this is the problem of the cobbler’s shoes, in that they spend so much time working on other teams’ requirements around data that they don’t have time to prioritize their own needs. The other problem is that there are so many different pipelines to track – software development teams can have a lot of freedom to choose the tools, services and cloud platforms they use, so there is less standardization in place for what is deployed over time. It is therefore essential to get all that data into one place, so it can provide insight into what is going on across all the pipelines that are running concurrently.

Alongside the data, IT teams at organizations have to look at how they think about security from beginning to end. Security has to shift left and take place earlier in the process, but this requires the right mindset across all the teams involved. For example, are you incentivizing security in your process from the start, and how do you measure this? The right metric can be enormously effective in promoting good quality secure code at the beginning, while the wrong metric can lead to more problems over time. As anthropologist Marilyn Strathern observed, “When a measure becomes a target, it ceases to be a good measure.”

Instead, security and development teams can collaborate on improving the process, from thinking about security as part of process design and code development to preventing issues like misconfiguration in deployment. This includes allowing more time for code review, using code analysis tools, and mandating that rules on secure coding are followed. For example, this could be by tracking code developed over time and – rather than measuring by lines of code generated – looking at numbers of security issues prevented and solved.

Developers and security teams already use data to meet their goals. However, looking at this in context can help every team improve their results, consolidate their tooling and collaborate more effectively. By looking at security, development and DevOps as a whole, then setting up the right goals and metrics, teams can incentivize the right kinds of behavior rather than concentrating on specific targets. In effect: “You build it securely; you all support it effectively.”

Colin Fernandes EMEA Product Director, Sumo Logic

ShareTweetShare
Plugin Install : Subscribe Push Notification need OneSignal plugin to be installed.

Search

No Result
View All Result

Recent News

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023
Co-Creation Hub’s edtech accelerator puts $15M towards African startups

Co-Creation Hub’s edtech accelerator puts $15M towards African startups

February 20, 2023

About What We Do

itechnewsonline.com

We bring you the best Premium Tech News.

Recent News With Image

ATC Ghana supports Girls-In-ICT Program

ATC Ghana supports Girls-In-ICT Program

April 25, 2023
Vice President Dr. Bawumia inaugurates  ICT Hub

Vice President Dr. Bawumia inaugurates ICT Hub

April 2, 2023

Recent News

  • ATC Ghana supports Girls-In-ICT Program April 25, 2023
  • Vice President Dr. Bawumia inaugurates ICT Hub April 2, 2023
  • Co-Creation Hub’s edtech accelerator puts $15M towards African startups February 20, 2023
  • Data Leak Hits Thousands of NHS Workers February 20, 2023
  • Home
  • InfoSec
  • Opinion
  • Africa Tech
  • Data Storage

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

No Result
View All Result
  • Home
  • Tech
  • Africa Tech
  • InfoSEC
  • Data Science
  • Data Storage
  • Business
  • Opinion

© 2021-2022 iTechNewsOnline.Com - Powered by BackUPDataSystems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Go to mobile version